Australian Organisations Urged to Patch Ivanti Products Amid Exploited RCE Vulnerability

Summary: On April 3, 2025, Ivanti revealed a serious unauthenticated buffer overflow vulnerability (CVE-2025-22457) affecting multiple products, including Connect Secure and Policy Secure. This vulnerability allows remote code execution, making prompt action necessary for Australian organizations using these solutions. The alert provides detailed mitigation strategies and highlights the urgency of patching vulnerable systems to prevent exploitation by sophisticated threat actors.

Affected: Ivanti products such as Pulse Connect Secure, Ivanti Connect Secure, Ivanti Policy Secure, Neurons for ZTA

Key points:

  • Unauthenticated buffer overflow enables remote code execution on affected devices.
  • Immediate upgrade to Ivanti Connect Secure 22.7R2.6 is required to mitigate risks.
  • Mandiant has observed active exploitation of the vulnerability, leading to novel malware deployments.
  • Organizations using Pulse Connect Secure 9.1x must migrate immediately as it is no longer supported.
  • Forensic investigations and monitoring for anomalous activities are highly recommended.
  • Exploitation of this vulnerability has been attributed to the China-nexus actor UNC5221.

Source: https://thecyberexpress.com/ivanti-vulnerability-cve-2025-22457-exploited/
